Thursday, February 3, 2011

Do domain service accounts benefit from cached credentials?

When a domain user successfully logs on to a domain-joined computer, the user's domain credentials are cached so that the user can log on again if the domain controller is unavailable (e.g., the computer is disconnected from the network).

If the domain-joined computer is running a Windows service as a domain service account and the computer restarts, will the service start if there is no domain controller available?

Secondly, if the aforementioned service attempts to authenticate to and communicate with a second local service, will it succeed?

  • I'm 90% certain that cached credentials apply only to interactive logins.

    Oskar Duveborn : My experience as well, like MSSQL or Exchange services in domain user context not starting if there're no DCs around at all on bootup... though YMMV
    Chris S : I'm 99.9% certain it's interactive logins only.
    Massimo : @Oskar: all Exchange services usually run as LocalSystem, LocalService or NetworkService; they don't start if there's no DC around because Exchange relies *quite heavily* on Active Directory, not due to authentication failures. Just wanted to point this out :-)
    Oskar Duveborn : Yeah I was gonna remove the Exchange mentioning from the comment and then forgot... ^^
  • It is for interactive logons only. See the MS KB.

    From Nasko
